Browsing through VPN working OK but proxy is not in use.
Local clients traffic is going through proxy no problems.
Proxy is in transparent mode with not allowed buypassing.
Transparent squid is working on non stanadart port 3128 and I need implement transparent proxy for local machines so not tried if proxy is working in manual mode but with manual mode never have any issues just always need manualy editing clients config files tu add proxy to it.

@zimny i won’t use your segmentation for networking.
It’s really nice have VPN network segment bridged on Green interface, but for my perspective of network management, this is a potential issue for routing and firewalling. Not only firewall side, but also on client side.
Therefore,i suggest to change your VPN range to something different (192.168.5.0/29, for example)

For smal networks segmentation is not to much in use but for large environment is need (imagine switches to holds vlans on that layer).
I reproduced this bug to improve nethserver software.
I have done some more probes and I can see that signal-event is not working properly.
Some of the setup is just implementing on next reboot.
Also is good to know if your LAN clients are from VPN subnet or the entire network ones.
example IDS?
Do you have so many network skiled clients in your network who know about the broadcast, etc?

Love nethserver and using in in most af my environments.
But when something need be addressed there is the place